Resources

(ISC)² Community

(ISC)² Board of Directors

One of the many things that makes the (ISC)² community special is we have members who seek out challenges. We see that every day in our (ISC)² Board of Directors.

Elected by fellow members, our board members are (ISC)² certified like you. These leading information security professionals represent a wide range of organizations around the world. As our board members, they’re responsible for:

Dr. Kevin Charest serves as the divisional senior vice president and chief information security officer for Health Care Service Corporation. He is responsible for all aspects of IT security operations across HCSC’s five plan states, including actively monitoring and mitigating current cyberthreats and overseeing the governance, risk and compliance program.

Kevin previously served as the VP of IT security and cyber defense operations at UnitedHealth Group and as the chief information security officer for the U.S. Department of Health and Human Services (HHS) where he was directly responsible for the HHS cybersecurity technology portfolio.

Prior to joining the federal government, Kevin served in a number of entrepreneurial and senior executive positions in the private sector. His leadership in technology applications, innovation and security were instrumental to the development of numerous products and services.

Kevin holds a Ph.D. in Cybersecurity from Capella University. He also holds a master’s degree in Business Administration from the University of West Georgia and a bachelor’s degree in Computer Science from the University of Central Arkansas. He is also a veteran of the United States Marine Corps and the U.S. Army.

Zachary Tudor, CISSP (USA)Vice Chairperson

Zachary (Zach) is the Associate Laboratory Director of Idaho National Laboratory’s (INL) National and Homeland Security’s (N&HS) organization. It’s a major center for national security technology development and demonstration, employing 550 scientists and engineers across $300M in programs for the:

Enhancing the overall security and resilience of the nation’s infrastructure

Providing protective system solutions and heavy manufacturing of armor for national defense

Zach has more than 30 years of experience in IT and cyber security management, operations and incident response.

Past positions include Program Director in the Computer Science Laboratory at SRI International, support to the Control Systems Security Program (CSSP) and the ICS-CERT at DHS, on-site deputy, program manager for the NRO’s world-wide operational network, information security manager for OSD CIO’s Enterprise Operations Support Team and security management support for the Centers for Medicare and Medicaid Services.

Zach holds an M.S. in Information Systems from George Mason University concentrating in cyber security.

Lori Ross O’Neil, CISSP (USA)Secretary

Lori is a Cyber Security Project Manager at the Pacific Northwest National Laboratory. In her current role with PNNL, Lori manages multimillion-dollar energy cybersecurity research projects where her teams work in partnership with government agencies and industry to perform research and development to deliver "first of a kind" solutions in the mission to protect the United States national critical infrastructure.

She has more than 20 years of experience in cybersecurity and information technology, the last 10 years of which has focused on operational security of Industrial Control Systems (ICS) with a focus on the U.S. energy sector. She previously held various technical positions with the National Aeronautics and Space Administration (NASA), focused on orbital vehicle missions and the manufacture of the last U.S. Space Shuttle.

Tony Cole, CISSP, SSCP (USA)Treasurer

Tony Cole is a cybersecurity expert with more than 30 years’ experience, a bachelor’s degree in computer networking and holds his CISSP certification. Today, he serves as Attivo Networks Chief Technology Officer. Prior to joining Attivo Networks, Mr. Cole served in a number of executive roles at FireEye, McAfee, and Symantec. He’s retired from the U.S. Army and was an early advisor to Wall Street on the cybersecurity market. Mr. Cole is on the Board of Silent Circle, serves on the NASA Advisory Council and on the (ISC)² Board of Directors. He’s also a former president of ISSA-DC.

Arthur R. Friedman, CISSP (USA)

Arthur Friedman has 40 years of diversified technical, national policy, management and teaching experience in the cybersecurity field. He currently supports the Committee on National Security Systems and the National Security Council as a senior Cybersecurity Strategist. He has held various technical and management positions at the National Security Agency supporting the computer network defense mission.

Arthur also worked in the private sector for The MITRE Corporation and Booz Allen and Hamilton as a systems security engineer. Additionally, he is a Certified Information Systems Security Professional (CISSP) and currently services on the (ISC)² Board of Directors as the Treasurer, and previously served on both the (ISC)² Government Advisory Council and a judge for the Information Security Leadership Awards® - U.S. Government for 13 years.

Arthur is an adjunct faculty member teaching Network Security and Cybersecurity classes for Towson University. He has an undergraduate degree in Mathematics from Hofstra University and graduate degrees in Business Administration from Boston University and National Security Policy from the United States Army War College.

He retired from the U.S. Army Reserves as a Colonel with his last assignment with the United States Strategic Command responsible for planning and executing non-kinetic/cyber operations at the strategic level.

Arthur lives in Maryland and spends his free time sailing on the Chesapeake Bay with his wife.

Biljana Cerin, CISSP (Croatia)
(ISC)² Board Ethics Committee Chair

Biljana Cerin is the Director of Ostendo Consulting, which was founded 2011 in London, U.K. and Zagreb, Croatia. The company provides information security and risk management, IT governance, and compliance related consulting services.

Her primary focus is achievement of visible results for the client organizations and ensuring information security is seen as a business enabler when meeting legal and regulatory requirements (such as GDPR, HIPAA, GMP Annex 11, PCI DSS).

Biljana is President of the (ISC)² Croatia Chapter, a frequent speaker at leading international information security conferences, and the bearer of CISSP, CIPP/E, CISA, CISM, CGEIT, CBCP and PMP professional certifications. She strives towards engaging young professionals, especially women, in information security field during early stages of their careers and establishing a stronger connection between the professional community and educational institutions.

Dr. Earl Crane is a cybersecurity executive and trusted advisor to public and private sector organizations, helping them to manage their strategy, risk and cybersecurity programs. He is a prominent cybersecurity veteran, having worked at early security startups, the White House, the financial sector and other Fortune 100s, and co-founded Emergynt, a digital risk management platform based on his Ph.D. research. He holds a Ph.D. from George Washington University, and a Masters of information system management and B.S. in mechanical engineering from Carnegie Mellon University.

David is Professor of the Practice and Director of the Center for Public Policy and Private Enterprise at the University of Maryland’s School of Public Policy. He directs the School’s Cyber Policy Initiative, and teaches on cyber policy issues and risk management. Prior to joining UMD in 2016, he was Assistant Director of the Information Technology and Systems Division at the Institute for Defense Analyses (IDA). David is also a Senior Fellow at Canada’s Center for International Governance Innovation (CIGI). David has over two decades of experience in the national security, cyber security, and private sector experience.

David served on the White House National Security Council staff, as Director Surface Transportation Security Policy, and was previously Senior Advisor for Cyber Policy for the U.S. Department of Defense. Since leaving federal service, David has directed cybersecurity studies for the Department of Homeland Security (DHS), the Office of the Director of National Intelligence (ODNI), the Federal Communications Commission and the North Atlantic Treaty Organization (NATO). David has led cyber risk assessments for the Bank of Canada and for private sector entities in the U.S. and Canada. Most recently he has conducted projects on election cybersecurity, social media information security issues, and the security of ICT supply chains. An internationally known expert on critical infrastructure cybersecurity, David is a frequently called upon speaker at international venues, and serves on the technical advisory board of Verified Voting – a U.S. NGO concerned with voter participation and voting technology security – and on the ACM U.S. Technology Policy Committee.

Gabriel Bergel, CISSP (Chile)(ISC)² Board Awards Committee Chair

Gabriel Bergel currently holds several positions within the field of cybersecurity, including Chief Security Ambassador of ElevenPaths (Telefonica) for Chile & Brazil, Director of Public Policies at Whilolab and Cofounder and Organizer of 8.8 Computer Security Conference. He also serves as Coordinator of the Industrial Cybersecurity Center (CCI), Professor of the Master in Cybersecurity of the Adolfo Ibáñez University and Host of the #8punto8 radio program of www.radiodemente.cl (first radio program of Cybersecurity in Chile).

Gabriel has a master’s degree in cybersecurity from IMF Business School and Camilo José Cela University in Spain. He has more than 16 years of experience in a variety of areas of cybersecurity, working as a consultant, project manager, security engineer, CISO and others. He regularly presents in courses, conferences, workshops and forums around the world.

SC Leung, CISSP (Hong Kong)(ISC)² Board By-Laws Committee Chair

SC Leung is currently the Centre Manager of the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT). He has more than 25 years of working experience serving banking, Internet solution provider, telecommunication and consultancy industries.

SC was a member of the Asia-Pacific Advisory Council of (ISC)². He was the Founding Chairperson of the Professional Information Security Association which subsequently hosts the (ISC)² Hong Kong Chapter.

SC Leung holds information security designations CISSP, CCSP, CISA and CBCP. He received the (ISC)² President Award in 2013 and was an Honoree of the Asia Pacific Information Security Leader Achievement Award, by (ISC)² in 2007.

David Melnick, CISSP (USA)(ISC)² Board Nominations Committee Chair

David Melnick, Vice President Web Isolation at Proofpoint and previous founder and CEO of WebLife, has almost 25 years of experience in technology and security. David has worked extensively with both U.S. and global companies advising them on setting strategy, developing risk-based priorities, and operationalizing effective governance of highly sensitive and regulated data. David’s experience includes implementing security technology and addressing privacy regulatory requirements including Global, U.S. Federal and U.S. State privacy requirements.

David has authored several books through McGraw Hill Publishing and Macmillan Publishing including PDA Security: Incorporating Handhelds into your Enterprise. Currently his books have been translated into four languages including Japanese, Chinese and Italian. David is a Certified Information Privacy Professional (CIPP/E CIPP/US), a Certified Information Systems Auditor (CISA), a Certified Information Systems Security Professional (CISSP).

Yiannis Pavlosoglou, CISSP (U.K.)

Yiannis Pavlosoglou is a knowledgeable principal in information security management with proven history in the financial services industry. Yiannis has practiced Operational Resilience, NIST, CERT RMM, Ethical Hacking, Coding, and Process Excellence. He is a strong professional in governance with experience of providing quarterly updates to U.K. boards and regulators.

Aloysius Cheang, CISSP (Singapore)

Aloysius Cheang is a senior corporate executive with extensive experience running global businesses. In his line of work, he has built and led large multi-cultural, multi-disciplinary team spread across five continents and four major time zones in highly heterogeneous and demanding environments.

Along with serving on the (ISC)² Board, Aloysius serves as a Board Director and EVP APAC for U.K.-based cyber leadership think tank, the Centre for Strategic Cyberspace + International Studies. He is also a Director with AC3Labs in Singapore and co-founder of Taiwan-based IoT and blockchain security startups, iSyncGroup Inc and Doqubiz Inc. Aloysius was most recently co-founder and managing director for Cloud Security Alliance APAC.

As a globally recognized cybersecurity expert, Aloysius's professional perspective is highly valued by major media such as the BBC, Times, Wall Street Journal, Xinhua News, SCMP, The Hindu, China Times, Straits Times and CNA.

(ISC)² Board of Directors Frequently Asked Questions

The (ISC)² Board of Directors represents our membership as a whole. Our Bylaws govern the responsibilities and activities of the organization.

Our Bylaws clearly state: The Board of Directors shall have the powers and duties of a board of directors pursuant to the laws of the Commonwealth of Massachusetts, and shall be responsible for the policy and governance of the Corporation. The Board shall hire, direct and oversee the CEO.

In addition, the (ISC)² Board of Directors:

Works with management to ensure that policy and strategy are set, documented and clearly understood by both the board and management.

Ensures that (ISC)² management is performing to a level that allows them to deliver on their objectives.

Ensures that the assets of the corporation are being used wisely and strategic initiatives are adequately resourced.

Early in the year, the (ISC)² Board of Directors begins looking for potential candidates. First, the Board asks various advisory councils and committees for suitable nominations.

Then, the Nominations Committee spends time vetting the candidates against various criteria. (See Board election process.) This process ensures that candidates:

Have demonstrated their abilities.

Have the desire to provide their time and energies to (ISC)² over an extended period of time.

Are likely to be productive board members.

Q:

Is the membership notified when and how to recommend candidates for the Board or prepare a petition for candidacy?

A:

Yes, (ISC)² notifies its members of petition procedures and deadlines every year.

If you’re submitting a petition with names to go on the official ballot, it must be received at least 60 days before the election. This gives board members the time to ensure that candidates are qualified and agree to serve if elected. If these criteria are met, the candidates’ names appear on the official ballot.

Social Media

All contents of this site constitute the property of (ISC)², Inc. and may not be copied, reproduced or distributed without prior written permission. (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered certification marks of (ISC)², Inc.